FTP over SSL client

Post #137,238 by gdaustin 1/22/04 10:38:35 PM Reply	FTP over SSL client Been trying to get this to work at work. The other side is apparently a tempermental version Sterling Connect:Enterprise with a FTP SSL daemon. I've tried several FTP over SSL implementations, but one of two things happens. 1. If I try using passive mode transfer without a CCC before the file transfer, then the firewall on the other side refuses my attempt to connect to the passive mode port. The firewall group for the company won't "uncloak" high port numbers. They want me to use the CCC command in my ftp command session stream. Apparently, the firewall is then able to see the PORT command and open the right socket for the data transfer session. 2. If I try using CCC from my side, my command connection gets terminated on the next command. I'm getting a lostpeer() in C Kermit. I've tried this both behind the corporate firewall, and from my home live Internet connection. The results are the same, I lose the command connection. I've fought with this for 2 weeks now, and management is giving up to do the VPN connection at a higher cost. I'm just frustrated that I can't seem to make it work. Any idea on who is breaking the command session? How can I find out? Glen Austin
Post #137,240 by FuManChu 1/22/04 10:41:41 PM Reply	No ideas about FTP over SSL but recommend SSH/scp or OpenVPN Both free (software-wise, still need a box)
Post #137,241 by ChrisR 1/22/04 10:44:34 PM Reply	It's all foreign to moi but one of our vendors has us use sftp which I gather is using ssh in some form. Still looks like ftp from my end (uses a different program, not the normal ftp).
Post #137,242 by boxley 1/22/04 10:44:38 PM Reply	do you have control over both ends of the ssh tunnel? If so then route ftp locally over the ssh tunnel, then reroute to the normal ftp port on the end box, or use sftp. [link\|http://www.ssh.com/support/documentation/online/ssh/adminguide/32/Port_Forwarding.html\|http://www.ssh.com/s...t_Forwarding.html] thanx. bill same old crap, con artists ripping off fools. Ah, hell, Catholic Church it start off that way. They All do. Jesus probably had three walnut shells one pea, then he's dead and can't be questioned, Gabriel Dupre questions, help? [link\|mailto:pappas@catholic.org\|email pappas at catholic.org]
Post #137,245 by gdaustin 1/22/04 11:03:18 PM 1/22/04 11:04:44 PM Reply	I only control the client end.... We have lots of working ssh/scp solutions. However, for some reason, this customer has chosen ftps (SSL), instead of sftp (using ssh). The big vendor they use standardized on it. The part that freaks me out is that the trading partner is content to run this on a (vulnerable) Windows NT box, while insisting that I find a client to meet their standard. They list about 6 clients supported by the vendor. 2 are expensive. 1 Open Source (bsdftp ssl, builds for BSD and Linux ONLY), and 3 Windows implementations. I need something for Solaris or AIX. I've actually already been told to stop working on it, but I'm so darned close to getting it working (or at least it seems that way), that I would really like to figure out this CCC thing. Oh well, it appears the company will do the VPN thing instead. Glen Austin Edited by gdaustin Jan. 22, 2004, 11:04:44 PM EST Expand All History

Welcome to IWETHEY!